Merge-CIPolicy
Combines the rules in several Code Integrity policy files.
Syntax
Merge-CIPolicy
[-OutputFilePath] <String>
[-PolicyPaths] <String[]>
[-Rules <Rule[]>]
[-AppIdTaggingPolicy]
[<CommonParameters>]
Description
The Merge-CIPolicy cmdlet combines the rules in several Code Integrity policy files. This cmdlet creates a single policy .xml file. You can specify rules to add to the merged list. This cmdlet does not save redundant rules. The cmdlet appends a digit to the IDs of the rules to make the IDs of the rules unique.
Examples
Example 1: Merge policies
PS C:\> Merge-CIPolicy -PolicyPaths '.\Policy.xml','.\Policy02.xml' -OutputFilePath '.\MergedPolicy.xml'
Name : MSIT Test CodeSign CA 3
Id : ID_SIGNER_S_17_0
TypeId : Allow
Root : FA6B9A2230CE08BCA81D096B28CF495672401D3A43A0D285CF352464A6C9C7FD
FileVersionRef :
Wellknown : False
Ekus :
Exceptions :
FileAttributes :
FileException : False
UserMode : False
Name : VeriSign Class 3 Code Signing 2010 CA
Id : ID_SIGNER_S_1D_0
TypeId : Allow
Root : 4843A82ED3B1F2BFBEE9671960E1940C942F688D
FileVersionRef :
Wellknown : False
Ekus :
Exceptions :
FileAttributes :
FileException : False
UserMode : False
Name : Microsoft Windows Third Party Component CA 2012
Id : ID_SIGNER_S_1E_0
TypeId : Allow
Root : CEC1AFD0E310C55C1DCC601AB8E172917706AA32FB5EAF826813547FDF02DD46
FileVersionRef :
Wellknown : False
Ekus :
Exceptions :
FileAttributes :
FileException : False
UserMode : False
Name : \\?\E:\cmdlets\temp\Microsoft.ConfigCI.Commands.dll Hash Sha1
Id : ID_ALLOW_A_49_1
TypeId : Allow
Root :
FileVersionRef :
Wellknown : False
Ekus :
Exceptions :
FileAttributes :
FileException : False
UserMode : False
This command merges policies defined in the two .xml files into a third file, MergedPolicy.xml. The cmdlet appends _0 to ID of the rules from the first policy, such as ID_SIGNER_S_17_0. It appends _1 to rules from the second policy, such as ID_ALLOW_A_49_1. The command does not include duplicates. For this example, we present only the first few rules.
Parameters
-AppIdTaggingPolicy
This parameter is reserved for future use.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-OutputFilePath
Specifies the path of the merged .xml policy file.
Type: | String |
Aliases: | o |
Position: | 0 |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PolicyPaths
Specifies an array of paths of the policy .xml files that this cmdlet merges.
Type: | String[] |
Aliases: | p |
Position: | 1 |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Rules
Specifies an array of Rule objects that this cmdlet adds to the merged policy. To obtain a rule object, use the Get-CIPolicy or New-CIPolicyRule cmdlets.
Type: | Rule[] |
Aliases: | r |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
Outputs
Rule
This cmdlet returns the rules in the policy that it creates.
Related Links
Commentaires
https://aka.ms/ContentUserFeedback.
Bientôt disponible : Tout au long de 2024, nous allons supprimer progressivement GitHub Issues comme mécanisme de commentaires pour le contenu et le remplacer par un nouveau système de commentaires. Pour plus d’informations, consultezEnvoyer et afficher des commentaires pour